Welcome to Technology Short Take #119! As usual, I’ve collected some articles and links from around the Internet pertaining to various data center- and cloud-related topics. This installation in the Tech Short Takes series is much shorter than usual, but hopefully I’ve managed to find something that proves to be helpful or informative! Now, on to the content!
- Chip Zoller has a write-up on doing HTTPS ingress with Enterprise PKS. Normally I’d put something like this in a different section, but this is as much a write-up on how to configure NSX-T correctly as it is about configuring Ingress objects in Kubernetes.
- I saw this headline, and immediately thought it was just “cloud native”-washing (i.e., tagging everything as “cloud native”). Fortunately, the diagrams illustrate that there is something substantive behind the headline. The “TL;DR” for those who are interested is that this solution bypasses the normal
iptableslayer involved in most Kubernetes implementations to load balance traffic directly to Pods in the cluster. Unfortunately, this appears to be GKE-specific.
Nothing this time around. I’ll stay tuned for content to include next time!
- The Kubernetes project recently underwent a security audit; more information on the audit, along with links to the findings and other details, is available here.
- Daniel Sagi of Aqua Security explains the mechanics behind a Pod escape using file system mounts.
Cloud Computing/Cloud Management
- David Holder has a post on using Terraform to create a highly available, cross-AZ etcd cluster.
- Anthony Spiteri shares a Terraform configuration he created to deploy a sandbox Kubernetes cluster on VMware vSphere.
- Phoummala Schmitt talks about the importance of tags with cloud resources. Although her article is written specifically for Azure, the underlying concept of being sure to tag resources appropriately is valuable for any cloud provider.
- Mike Metral shows how to use Pulumi to migrate workloads across EKS node groups with no downtime (the “no downtime” part is subject to certain caveats and restrictions, largely driven by the nature of the application involved).
- Are you a (largely non-technical) manager seeking to better understand Kubernetes? (I’d be surprised if that was the case, since that’s not my target audience.) Perhaps this article can help.
- Containous, the folks behind the Traefik ingress controller, recently introduced Yaegi, a Go interpreter. I haven’t yet had time to take a closer look at this, but based on what I’ve read so far this might be a useful tool to help accelerate learning Golang. Yaegi is hosted on GitHub.
- From the same folks, we have Maesh, a “simpler service mesh.” I’m not sure “simple” and “service mesh” belong in the same sentence, but given that I haven’t yet had the time to look into this more deeply I’ll let it slide.
- Luc Dekens shares how to customize PowerShell to show things like the connected vSphere server, the Git repository or branch, the PowerCLI version, and more. Of course, Linux folks have been doing things like this with Bash for quite a while…
- Puja Abbassi, a developer advocate at Giant Swarm, discusses the future of container image building by looking at some of the concerns with the existing “Docker way” of building images.
- Jeff Geerling explains how to test your Ansible roles with Molecule. This is a slightly older post, but considering I found it useful I thought other readers might find it useful as well.
I don’t have any links to share this time, sorry!
Nope, nothing here either. I’ll stay alert for more content to include in the future.
- This checklist is described as a “senior engineer’s checklist,” but it seems to be pretty applicable to most technology jobs these days.
See, I told you it was actually a short take this time! I should have more content to share next time. Until then, feel free to hit me up on Twitter and share any feedback or comments you may have. Thanks, and have a great weekend!